Return
-
Title
KACE response to the Curl Vulnerability CVE-2023-38545 & Libcurl Vulnerability CVE-2023-38546 -
Description
This article addresses the status of the KACE SMA, KACE SDA, and KACE Cloud products regarding published vulnerabilities related to Curl & Libcurl.
For more details about the vulnerability please refer to:
CVE-2023-38545, addresses a buffer overflow flaw that impacts both libcurl and the curl command line tool. The overflow can occur during a SOCKS5 handshake.
CVE-2023-38546 is associated with a cookie injection flaw, but curl maintainers suggest that the series of conditions that must be met makes the likelihood of exploitation low.
Sign In Required
You need to be signed in and under a current maintenance contract to view premium knowledge articles.